I`m trying to explore as well the web version of XOJO, and recently i found that i need some kind of rest service to avoid using that 3306 remote connection which is a security issue, all good until now.
The issue is the data encrypting part and the way to handle it. I will implement a ssl only session but the problem is the data itself and the authentication method,
I have some php api that uses an email and password to authenticate, then once authenticated gets an unique token and the transactions are done with that , but still i was thinking to encrypt the json data with the framework crypto library , hopefully that works on web as well so either pbkdf2 or rsa but the issue comes with the length and the limitation of the string, is there a limit on the rest payload ? what i know is that on php you can set this payload.
If i would use a token based and let`s say transpose the current api into a xojo web app it will be enought ? and how i should proceed ?
As far as i know i have to use either /special or /api then i guess i`ll have to split the chunk of the url separated by “/” get the token and do all the logics, or it is a better way ?
I can use some kind of authentication from the framework side?
Any ideas or point to start are more than welcomed, i`m starting my quest based on this link http://developer.xojo.com/webinar-web-services
As well for the rest service you recommend sqlite database with wal and encryption or an mysql database ? i prefer the fist one but i`m not obliged to stick on it.
Thanks again .